wp_specialchars

Legacy escaping for HTML blocks.

Description

(string) wp_specialchars( (string) $string, (constant) $quote_style = ENT_NOQUOTES, (constant) $charset = false, (bool) $double_encode = false ); 

Returns (string)

Escaped `$string`.

Parameters (4)

0. $string (string)
String to escape.
1. $quote_style — Optional. (constant) => ENT_NOQUOTES
The quote style.
2. $charset — Optional. (constant) => false
The charset.
3. $double_encode — Optional. (bool) => false
Whether to double encode. Unused.

Usage

  1. if ( !function_exists( 'wp_specialchars' ) ) { 
  2. require_once ABSPATH . WPINC . '/deprecated.php'; 
  3.  
  4. // String to escape. 
  5. $string = ''; 
  6.  
  7. // The quote style. 
  8. $quote_style = ENT_NOQUOTES; 
  9.  
  10. // The charset. 
  11. $charset = false; 
  12.  
  13. // Whether to double encode. Unused. 
  14. $double_encode = false; 
  15.  
  16. // NOTICE! Understand what this does before running. 
  17. $result = wp_specialchars($string, $quote_style, $charset, $double_encode); 
  18.  

Defined (2)

The function is defined in the following location(s).

/wp-includes/deprecated.php  
  1. function wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false ) { 
  2. _deprecated_function( __FUNCTION__, '2.8', 'esc_html()' ); 
  3. if ( func_num_args() > 1 ) { // Maintain backwards compat for people passing additional args 
  4. $args = func_get_args(); 
  5. return call_user_func_array( '_wp_specialchars', $args ); 
  6. } else { 
  7. return esc_html( $string ); 
/wp-includes/formatting.php  
  1. function _wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false ) { 
  2. $string = (string) $string; 
  3.  
  4. if ( 0 === strlen( $string ) ) 
  5. return ''; 
  6.  
  7. // Don't bother if there are no specialchars - saves some processing 
  8. if ( ! preg_match( '/[&<>"\']/', $string ) ) 
  9. return $string; 
  10.  
  11. // Account for the previous behaviour of the function when the $quote_style is not an accepted value 
  12. if ( empty( $quote_style ) ) 
  13. $quote_style = ENT_NOQUOTES; 
  14. elseif ( ! in_array( $quote_style, array( 0, 2, 3, 'single', 'double' ), true ) ) 
  15. $quote_style = ENT_QUOTES; 
  16.  
  17. // Store the site charset as a static to avoid multiple calls to wp_load_alloptions() 
  18. if ( ! $charset ) { 
  19. static $_charset = null; 
  20. if ( ! isset( $_charset ) ) { 
  21. $alloptions = wp_load_alloptions(); 
  22. $_charset = isset( $alloptions['blog_charset'] ) ? $alloptions['blog_charset'] : ''; 
  23. $charset = $_charset; 
  24.  
  25. if ( in_array( $charset, array( 'utf8', 'utf-8', 'UTF8' ) ) ) 
  26. $charset = 'UTF-8'; 
  27.  
  28. $_quote_style = $quote_style; 
  29.  
  30. if ( $quote_style === 'double' ) { 
  31. $quote_style = ENT_COMPAT; 
  32. $_quote_style = ENT_COMPAT; 
  33. } elseif ( $quote_style === 'single' ) { 
  34. $quote_style = ENT_NOQUOTES; 
  35.  
  36. if ( ! $double_encode ) { 
  37. // Guarantee every &entity; is valid, convert &garbage; into &garbage; 
  38. // This is required for PHP < 5.4.0 because ENT_HTML401 flag is unavailable. 
  39. $string = wp_kses_normalize_entities( $string ); 
  40.  
  41. $string = @htmlspecialchars( $string, $quote_style, $charset, $double_encode ); 
  42.  
  43. // Backwards compatibility 
  44. if ( 'single' === $_quote_style ) 
  45. $string = str_replace( "'", ''', $string ); 
  46.  
  47. return $string;